package com.leyou.system.config;

import com.leyou.system.domain.Permission;
import com.leyou.system.mapper.PermissionMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.CollectionUtils;

import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

public class MyFilterInvocationSecurityMetadataSource implements FilterInvocationSecurityMetadataSource {

    private final AntPathMatcher antPathMatcher = new AntPathMatcher();

    @Autowired
    //注入mapper 拥有查询登录用户对应的url 也就是权限
    private PermissionMapper permissionMapper;

    public MyFilterInvocationSecurityMetadataSource() {

    }

    //用map封装路经角色对应关系
    private final Map<String,List<String>> urlRoleMap = new HashMap<String, List<String>>();

    @Override
    public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
        //查询所有的当前数据库的所有权限
        List<Permission> permissions = permissionMapper.findAllPermissionPath();
        for (Permission permission : permissions) {
            //根据权限查询对应的角色
            List<String> roleStrings = permissionMapper.findAllRoleByPermission(permission.getId());
            //查询不为空放进map
            if (!CollectionUtils.isEmpty(roleStrings)){
                urlRoleMap.put(permission.getPath(),roleStrings);
            }
        }

        //获取登录的请求
        FilterInvocation fi = (FilterInvocation) object;
        String url = fi.getRequestUrl();
//        String httpMethod = fi.getRequest().getMethod();  获取请求方法get post等。

        for(Map.Entry<String,List<String>> entry:urlRoleMap.entrySet()){

            //因为我的数据库每个权限只存了一级路径所以用startwith判断
            if(url.startsWith(entry.getKey())){
                //String[] roles = (String[]) entry.getValue().toArray();  这种方法会报类型转换异常

                //定义数组集合封装角色roleName  这个集合说明这个当前请求路径需要的角色信息
                String[] roles = new String[entry.getValue().size()];
                for (int i = 0; i < entry.getValue().size(); i++) {
                    roles[i] = entry.getValue().get(i);
                }
                //传递到决策管理器
                return SecurityConfig.createList(roles);
            }
        }
        //根据路径查询对应的角色
        String[] urlArray = url.split("\\?");
        url = urlArray[0];
        //查询该url需要的全部角色
        Permission permission = permissionMapper.findPermissionByPath(url);
        List<String> roles = permissionMapper.findAllRoleByPermission(permission.getId());
        String[] roleList = new String[roles.size()];
        if (roles!=null){
            for (int i = 0; i < roles.size(); i++) {
                roleList[i] = roles.get(i);
            }
             roleList = (String[]) roles.toArray();
        }

        return SecurityConfig.createList(roleList);
        //return null;
    }

    @Override
    public Collection<ConfigAttribute> getAllConfigAttributes() {
        return null;
    }

    @Override
    public boolean supports(Class<?> clazz) {
        return FilterInvocation.class.isAssignableFrom(clazz);
    }
}
